3abf95ab3254933b78291d3ef8abcbc122cecb5856646d26cae0b22a6c39cb63 | Triage

Analysis

max time kernel
90s
max time network
164s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
22-12-2022 16:14

Sharing

Report Analysis Logs

General

Target

YouContractChanges/YouNewRules.txt
Size

72KB
MD5

ae161358f739c5841ed4389a268f2b2b
SHA1

b890e9941c0645296fd3c0637f91dbbfaf162b67
SHA256

919dac806adc72fa6df6f71c0cd7745deb5e6743c5800b76a513f63f98bb75ad
SHA512

14ef26acf95b476833ff3cc1845f0633428a5468fcfda87a1e180266b0b865fb9bfa2061cbf052eb1151b40b80cf159c8ea60087cc9797c3b89465e5c7b83b10
SSDEEP

768:oIBIWAI7IgIZIWAISfHAIz1I8IdQtIGIWtuI+ImAIgIakIfoVOIW2k28apOI6eIG:a

Score

1^/10

Malware Config

Signatures

Opens file in notepad (likely ransom note) 1 IoCs
ransomware

Processes:

NOTEPAD.EXE

pid process

3448 NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\YouContractChanges\YouNewRules.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:3448

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...